Cybersecurity Bill Gets New Life in Senate

It now appears as if senators will get the opportunity to vote on a presumed-dead cybersecurity bill before the lame-duck session ends, a key lawmaker and a congressional source said on Thursday. After the Senate failed to move forward on a bill overhauling the National Security Agency’s authority last month, hope that senators would consider ...

It now appears as if senators will get the opportunity to vote on a presumed-dead cybersecurity bill before the lame-duck session ends, a key lawmaker and a congressional source said on Thursday.

After the Senate failed to move forward on a bill overhauling the National Security Agency’s authority last month, hope that senators would consider the National Cybersecurity and Critical Infrastructure Protection Act, which passed the House in July, faded. However, House Homeland Security Committee Chairman Michael McCaul (R-Texas) said Thursday he expects the Senate to move on the bill.

A congressional source close to negotiations on the bill confirmed McCaul’s comments to Foreign Policy. If it passes the Senate, the bill then heads to President Barack Obama’s desk for signing.

McCaul’s “staff has been in negotiations with Senate staff for months now,” the source said.

If passed, the bill would allow private companies to share cybersecurity data with the Department of Homeland Security. The bill also outlines Homeland Security’s role in American cybersecurity and would reauthorize the department’s authorities.

The bill would also give legal protection to private companies that share information with the federal government. All government agencies would also be required to tell Homeland Security about any cyberattack.

The congressional source said that the bill was “hotlined” in the Senate, a little-known procedural move meant to speed a bill’s passage. For legislation to successfully be “hotlined,” the Senate majority and minority leaders must agree to pass the bill by unanimous consent, which bypasses a roll-call vote. The leaders then inform members of their decision using a “hotline” phone installed in each senator’s office. Members then have a specified amount of time, which sometimes can be must minutes, to object. If there are no objections, the bill is deemed passed.

The House has no similar mechanism.

“We’re hopeful we’ll get through the hotline process,” the source said.

McCaul told Capitol newspaper the Hill that the legislation is the “most significant piece of cyber legislation that’s been passed by the United States Congress.” Privacy advocates, including the American Civil Liberties Union, back it.

News of movement on the bill comes in the wake of a hack of Sony Pictures Entertainment that exposed employee information, Social Security numbers, passwords, and movies. Investigators suspect North Korea is behind the attack, although an unnamed North Korean diplomat denied Pyongyang’s role in the breach Wednesday.